From 0fb71e0215ed52863e462cccef73c01aff44d43d Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 18 Dec 2017 15:11:02 +0000 Subject: gentoo resync : 18.12.2017 --- sys-auth/Manifest.gz | Bin 11079 -> 11072 bytes sys-auth/nss_ldap/Manifest | 18 -- .../files/nss_ldap-239-tls-security-bug.patch | 42 ---- .../files/nss_ldap-252-reconnect-timeouts.patch | 65 ------ .../nss_ldap-254-nss_getgrent_skipmembers.patch | 226 --------------------- sys-auth/nss_ldap/nss_ldap-258.ebuild | 79 ------- sys-auth/nss_ldap/nss_ldap-259.ebuild | 79 ------- sys-auth/nss_ldap/nss_ldap-261.ebuild | 83 -------- sys-auth/nss_ldap/nss_ldap-262.ebuild | 83 -------- sys-auth/nss_ldap/nss_ldap-264-r1.ebuild | 101 --------- sys-auth/nss_ldap/nss_ldap-264.ebuild | 98 --------- sys-auth/nss_ldap/nss_ldap-265-r1.ebuild | 113 ----------- sys-auth/nss_ldap/nss_ldap-265-r2.ebuild | 121 ----------- sys-auth/nss_ldap/nss_ldap-265-r4.ebuild | 140 ------------- sys-auth/nss_ldap/nss_ldap-265.ebuild | 105 ---------- 15 files changed, 1353 deletions(-) delete mode 100644 sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch delete mode 100644 sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch delete mode 100644 sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch delete mode 100644 sys-auth/nss_ldap/nss_ldap-258.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-259.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-261.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-262.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-264-r1.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-264.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-265-r1.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-265-r2.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-265-r4.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-265.ebuild (limited to 'sys-auth') diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz index 5a48d4bc489f..d76efbdab194 100644 Binary files a/sys-auth/Manifest.gz and b/sys-auth/Manifest.gz differ diff --git a/sys-auth/nss_ldap/Manifest b/sys-auth/nss_ldap/Manifest index bab803bbcb9e..56368fb67c95 100644 --- a/sys-auth/nss_ldap/Manifest +++ b/sys-auth/nss_ldap/Manifest @@ -1,7 +1,4 @@ -AUX nss_ldap-239-tls-security-bug.patch 1022 BLAKE2B 22a333d9f37612ef0be82bcc97b39d181b41dfe00afe4e911321570070ffd6073488fa7ed56a12169155b1df24ea0109b186a441517cad7f50e50a71bef6e945 SHA512 9700962f0844ed4e4695dd31efe2b654a646a644b401b282a0b23cb80a3eedde95b54a79cd7a9c25ea3ed319c178aef7edf84953a5cf6edbc5a4ac5bf805c603 AUX nss_ldap-249-sasl-compile.patch 282 BLAKE2B 5fde1a60ca75fb7ed635bf0c7649626de2ea87497067aa8d1d210e4862a1e4b0dcf04e1e8e40d126119fe7d8ae8d3686c4e3166598f941b83d1bb3685d42ee7c SHA512 74af8f635a2bae5d901e685d0a9df3b92583b4480f0736b095df6091eac059226b91149d4b8a30a2ee60b948b55b87b8e6402d0e8fdcf1e84d384781c4880cea -AUX nss_ldap-252-reconnect-timeouts.patch 3169 BLAKE2B 0bccea69ed25e804bdaf91e1c8f1808177fadf6e38ad6dace8039b62d93cad47be7fe28b9633dd7950bc068b57649209deec518aa232a59e2cd9c8687dd28ca6 SHA512 c3a282d422792830e8572baa05ec58868c3cda7a80591e06c54bc3fc07cabba32f2a9fbe428a5a2f9c6e76eca5c475d200ca113c58ad2cbba290adadf41de4b9 -AUX nss_ldap-254-nss_getgrent_skipmembers.patch 7837 BLAKE2B 41cd44325ff08da3b77ebde6e15d21b94c8e9d1338a3a46d451eaf89720c2c5ee8fc9d5cd3f20a46dcc639f0a2d721c456d17595e5109e6535757ac0d3d7f43f SHA512 38957dd652c5340dab02000b0d62dfad803bd0593c139e84ea26cc9aabbbe68fcf221cd9030b4f9a2faa1ee5ef3ef1242b96a2dd2557cd5432ab8fdb8d513ca0 AUX nss_ldap-254-soname.patch 604 BLAKE2B 14328e1fb893c11a67e0fc10026035da5e908bdc32998e0970a82bc48cb13f59b615378a090dd3e58954d588bfcbbc9edbe413a48f625946a071ace8622364ad SHA512 4a41f7c5507095a26fc10f2ebc9563cf50017c0e95277db20363dec92e59c2b3cfde49ada036887177d439487c1d5c406c03269f5a329c3f8a381a045d1a1ae2 AUX nss_ldap-257-nss_max_group_depth.patch 3551 BLAKE2B 6bb9db4af1ae8b74fefdb99119c41ab1e91b6bf73e9637c0b1ed436c432c00fd827cc0acbb2463bf60fc533ad3d4856f86ecdb607ab1a0030203b2a3d3d015bf SHA512 7810f8c053c8f6b01cc61bb1953441d457bc6d90b4e985d03f6c7e8a7ef60225c86dfa0248fe1107955418a3ed205b52510fd2bee07fefc1c559300a1417d1de AUX nss_ldap-257.2-gssapi-headers.patch 2343 BLAKE2B d82b77be7a5f449e2367719262aa9effca16af1338c276cbb03a705b3ae0d5f2a3ab931aca16883819ca81c59811e5e01dfe0fd4252f4b5de48cd5e1adc73063 SHA512 51acfb4879c242582fc6f4d8543b96ff5e2e36e5bfacc3e8d8f1648f77a16957bbb7da0fa8d09ee1eea0ea19d81b0511ce72cc1c91ca2c68709203ec60369dde @@ -12,21 +9,6 @@ AUX nss_ldap-265-missing-entries-oneshot.patch 3734 BLAKE2B 8ecc35b20719222a747c AUX nss_ldap-265-pthread.patch 18698 BLAKE2B 1a158ddca1dbc99536b2d637a938c6ab121bb217b6b4b6f9755139ea8aec860023ec5fdcdbcebd925b99d9d440fc4a06da364646cd30f6654e41cbedb18e74df SHA512 2afc8a8ee20043985b739923a4c7472f0e13c6854de6d3023ac6c843d3ba6ecf4cf7ee21da4d8dad907f27ab476eec646fa4603d8be725f079f60a4a220c025d AUX nss_ldap-265-reconnect-timeouts.patch 2806 BLAKE2B b254a9959892a0a8ecb6e53778c4581f5ce8f9f0b90ceaf7fdb3e08cdc029b3914d9f95a7b65f3f9ceedf6669ae5727d8bc41c7229c567667896b4cb8868b227 SHA512 d9767cfaf32b9041d222c7b313c327a72ac2766d26fed7ce19cc1acff56cf2493d4e1e83b33852083505952f983ba64c00409e3cf09dcbf74676390968dd935b AUX nsswitch.ldap.diff 575 BLAKE2B 9578535ea6cff87ac21fa8f3a0a1b8d727c657a53318b378dd86b4dded15bac950e241af59b15b6898a1ed089d1c481f0615ca7de3ae4e07a231432920af7b52 SHA512 0d08d4dacea0213714cab864300e625158106245eeb34a7d4b983749dd4fa4156d3f36d6c2dd214efdf80cf926c37657eb00651bceb89907286a3310123399a0 -DIST nss_ldap-258.tar.gz 274694 BLAKE2B 6374596d0e6675c89bde561cfcdc26622bfedbacd163183c4838fbb1cf1939078be895dcdd07127503171110bb241ff3e7e40f616865a58caae6931fe2882db0 SHA512 0a92076214e6ffaa60929a9fdc34fe7c9a584a0789d54ea505e65a69eda88a3ee0382ea5a90c581073c95671fa3a50b8a8a529e30f4260afacb3820695773ecb -DIST nss_ldap-259.tar.gz 274878 BLAKE2B 0d5db5d077f2560b9145c6a19d2af3ede831f2073df562b40b129db995950ab359744ba2fb7156f74720a46edc320dbd44e9be1c5d4fbc515d892ae676876969 SHA512 d20514df1b8dba4ad67cf5d130aa4a2e1b0aea1ee09832bc27078f26a62ecf56b0294b5fcd3425b5b6969889afc99f7fc335a34994034dcfb10f3ab5385d3393 -DIST nss_ldap-261.tar.gz 276065 BLAKE2B d6854f149aadfdbd19d15de9a3085c7932c7b618af490ce738e92c61c6ca6a8de903d776d1e8d60eae9a3043f510e321cfe7f73dcf21d435b1ea9786e0fc84fc SHA512 b44f4ad62f3d3b237370b6393ff38ab5f26608bd8996607f828e3ab32d7dbb96ae2e40398b5b1cea9a232a29ea6c30ee56d5e9b386a514b194ac2b3e94da59da -DIST nss_ldap-262.tar.gz 274927 BLAKE2B 6db4e236485df7d15daeb613df64e384e4cbd96239c37942267005e8b29fdc991d31be32024e0f073f09c0a9cbb3272672f7f2f8d4c35a97003b0d557283aa02 SHA512 ac4781f36b0dbc9a8e00206b13598d247a3501ca0f7e1cc7e7bcc11675186199b2ea0975ce2feb311b07b50aad36efed5ba297e7c93dc741b806a94d8d051152 -DIST nss_ldap-264.tar.gz 278134 BLAKE2B 0c3e969b444a1a836220e1c6cef3598b6e39a5ed5a8365fa6583df2977118b10cfea46ce19fa98c1c5bbbefcc62f3e745287c6c7fb7fe54010dd4c86dd205106 SHA512 e7decde11377f10ec98fd360a38cbf08b9af7e328e967e417367e9e501faf0868be67a6f8fc1dd9b1fe7ee2ae720ee791ed481e21e80f686e750351b3ea6e689 DIST nss_ldap-265.tar.gz 280976 BLAKE2B 31b233ef7680204abfb62408141609b9489e133327c787c59afedd9ac41194189bde26d1f3b0a885622f57ec769ddee2bdf7d274b9584d4d5002d1c016c86892 SHA512 c4584682968861dd5880992fe7d11c6005d94f0c17252ab1cda04380fd7a81b419ba7e87d0efa44c24c5ce5bf76b9fd8331034dddb4f1400f132eb2192472077 -EBUILD nss_ldap-258.ebuild 2251 BLAKE2B 51929d26ce22dadf3b423befdc7c7261dd850aaccfe46f90e9b79a173af311237f9c29e94449d8ddb3c6bd5c6322b36b5cda8177cbb4bb77298507a60a2f293a SHA512 73004c7e868983baaf81dc6cfa8cf296790a7a594dba695b89845285474af8190b6801fb8976cbb63d77112de50a11f6ed0d8b565c99988c60cfbde51665cebf -EBUILD nss_ldap-259.ebuild 2258 BLAKE2B 7baa29b172ba86c25aa63857ae80b6197cbf75fefce031c49e20f4cffabdd9b2a14323347f7064c6582bac1ad56151c61fc97d9679b9f3ca2119501e56e3206d SHA512 b7d2cdf5d00fc1ec03b8a05a1550a8e0c2ff034b6491e742e18cbb6c050f8a55db3f79a03058ab03d4b85cb8daf153e593a323f287ced3d870f9e2d26a59fe00 -EBUILD nss_ldap-261.ebuild 2378 BLAKE2B 7f47a5fa55f7f530b939219479811606fb0c5ecbd60a627892dd92c0983e0e9a3a238b5678b477f0a075463c52ec875b1b607ceaebe6a49d5ac235ad163ffadd SHA512 fab05a285b546102960837dd8bd06e695147c690231a5ef107e0bbcab3f5ea1ec34058073ead753baa0c2b6155aa17357489915c7697decbb0d83279995e4d5e -EBUILD nss_ldap-262.ebuild 2378 BLAKE2B 7f47a5fa55f7f530b939219479811606fb0c5ecbd60a627892dd92c0983e0e9a3a238b5678b477f0a075463c52ec875b1b607ceaebe6a49d5ac235ad163ffadd SHA512 fab05a285b546102960837dd8bd06e695147c690231a5ef107e0bbcab3f5ea1ec34058073ead753baa0c2b6155aa17357489915c7697decbb0d83279995e4d5e -EBUILD nss_ldap-264-r1.ebuild 2608 BLAKE2B 59ad9063dfacb84c1226351539453b6b08084b3d2528ea33c01f18f4b19651b85555958a4ebe78b26e81b69fa425deefea29ca9138f92be9e27eb08c43760414 SHA512 c8245e2a64739ef4248675c463e79892e56acd3413e3e7ef6d37d38fcfd2ca4231c6f6435dd1d627f57dad6b9a7fb5869eee597b0bc2fac2315690c60280db6a -EBUILD nss_ldap-264.ebuild 2549 BLAKE2B 89bc20b6617938f765217e3c13981746535578bf91d98291ba28489fce753eb622016e09fd8c05b775350838788aecd54e75763e7d68bea97863268d6b8bf5e4 SHA512 9d889ae0d7c92cd28ba8fb983f7d010c5b761c9d3ddac915ba4a810b485639fea537cb6b745948780af4d6d51c749a2338de5149beb6ba6724e3c43c70c9738f -EBUILD nss_ldap-265-r1.ebuild 2946 BLAKE2B 22494a2017d53b22173307f76b3f0a7c6e6cd4687db7b0bf6364aacf37999800158f2055e38b50e7b7568945d3442bdffec68686febcc71dbdda3696e1ff639c SHA512 61c663c260eb7b75df3f1b601ea6d5f339a4b8bf22b977616ee5ebecfea7cd7295a99a6fc4afca263268605ff3a6719f8d8bf775d01b7c9b7d79899bacf198ba -EBUILD nss_ldap-265-r2.ebuild 3106 BLAKE2B f79713535aef86cba79249927090ed18d4840ae3b9402d3b8ea843530753dfeface8c7515ca3b4f61545ac233877a59be5c6f5f612b65c6dec75a65f8d007861 SHA512 762e5bde4f5359d73e25b49d34ecaf24389383b378df4fd246eb7874c118a32b0720ec411fde0248a4087c8c18198edc0745380976cc4dba584d15b25291cf6b -EBUILD nss_ldap-265-r4.ebuild 3712 BLAKE2B 7c269443008d950a239091ed60a524ec4644dcc0dcbdc192accf9797d51f33a5615e1edcfd40b0f5f71c55e0fa9adb9b5273b1c36d36cf267e5404b79844688a SHA512 d7abc453958c991123a3aaf78af929169abf6c12d9305b82d92eb1f8499e52b034a3728b076931a04b0db6ab8d54a37d6904234fd977890f10e57845d437337a EBUILD nss_ldap-265-r5.ebuild 4116 BLAKE2B 6035f1f73d7dddb7cf0f806c12f6ff24dc3450035d75d928ae769129976b985e41fb97365de29c6f4f28e95584911b348e5b38da92e6d4ec66afb8934bfe9431 SHA512 13e3539a1d6b1c022ee4ddd81a1b59ae4740311a567d26cd0fd67e71da5b111953367befe99302cad3001bbadb5f3a8081ab4181b05040b793118301133eb3a7 -EBUILD nss_ldap-265.ebuild 2691 BLAKE2B aac100c4bd568895a2be9709906b8fe47f78005e5cd34be17754cce20f995216b964f32c1dbb090c62007dab0b533fa7e7be80e9ad112c4b6b9c054cc82a0962 SHA512 49a654acaffd2be41061f680d339d3b5d39b3237050454769644cc7d70ce1a413e3aa38763c6938be25f1af2e1946cd3f35b84da0f0814483476e905581c4661 MISC metadata.xml 472 BLAKE2B 807d6edadcbc8209f6cefdf43d271376eeb043a7b9cc315d708d20ad3a6765da6436128068b3394a48861343c8823a54efb3588fccbe71e00b257c9ed50f0d48 SHA512 33c52bba49fa13e698544de57b00dc813d87820ef29adf29b57198fadca85a1e45a1e99eff3d8806c77eab456d870ce8ddbfd02a688babb5600ba64cf2cf2419 diff --git a/sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch b/sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch deleted file mode 100644 index 1dbd8dc889a1..000000000000 --- a/sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- ldap-nss.c 2004-09-28 03:20:11.000000000 +0100 -+++ ldap-nss.c.new 2005-07-04 01:32:12.000000000 +0100 -@@ -330,6 +330,39 @@ - - timelimit = __session.ls_config->ldc_bind_timelimit; - -+#ifdef HAVE_LDAP_START_TLS_S -+ if (__session.ls_config->ldc_ssl_on == SSL_START_TLS) -+ { -+ int version; -+ -+ if (ldap_get_option -+ (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, -+ &version) == LDAP_OPT_SUCCESS) -+ { -+ if (version < LDAP_VERSION3) -+ { -+ version = LDAP_VERSION3; -+ ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, -+ &version); -+ } -+ } -+ -+ debug ("==> start_tls"); -+ if (ldap_start_tls_s (__session.ls_conn, NULL, NULL) == LDAP_SUCCESS) -+ { -+ debug ("TLS startup succeeded"); -+ } -+ else -+ { -+ debug ("TLS startup failed"); -+ do_close (); -+ debug ("<== do_open"); -+ return NSS_UNAVAIL; -+ } -+ debug ("<== start_tls"); -+ } -+#endif /* HAVE_LDAP_START_TLS_S */ -+ - return do_bind (ld, timelimit, who, cred, with_sasl); - } - #else diff --git a/sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch b/sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch deleted file mode 100644 index 285a34e3df4b..000000000000 --- a/sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch +++ /dev/null @@ -1,65 +0,0 @@ -This patch changes the default timeouts, so that they are much lower, and do -not cause major delays when booting a system. This is a workaround until the -core /etc/{passwd,group} contain all of the data needed for a system boot. - -Also add a note that 'ssl on' is broken and TLS should be used instead. - -Signed-off-by: Robin H. Johnson - -diff -Nuar --exclude '*~' nss_ldap-250.orig/ldap-nss.h nss_ldap-250/ldap-nss.h ---- nss_ldap-250.orig/ldap-nss.h 2006-04-26 18:19:00.000000000 -0700 -+++ nss_ldap-250/ldap-nss.h 2006-06-14 01:58:01.933005492 -0700 -@@ -96,9 +96,9 @@ - * unacceptable, in which case you may wish to adjust - * the constants below. - */ --#define LDAP_NSS_TRIES 5 /* number of sleeping reconnect attempts */ --#define LDAP_NSS_SLEEPTIME 4 /* seconds to sleep; doubled until max */ --#define LDAP_NSS_MAXSLEEPTIME 64 /* maximum seconds to sleep */ -+#define LDAP_NSS_TRIES 4 /* number of sleeping reconnect attempts */ -+#define LDAP_NSS_SLEEPTIME 1 /* seconds to sleep; doubled until max */ -+#define LDAP_NSS_MAXSLEEPTIME 16 /* maximum seconds to sleep */ - #define LDAP_NSS_MAXCONNTRIES 2 /* reconnect attempts before sleeping */ - - #if defined(HAVE_NSSWITCH_H) || defined(HAVE_IRS_H) -diff -Nuar --exclude '*~' nss_ldap-250.orig/ldap.conf nss_ldap-250/ldap.conf ---- nss_ldap-250.orig/ldap.conf 2006-04-26 18:19:00.000000000 -0700 -+++ nss_ldap-250/ldap.conf 2006-06-14 02:12:02.008444745 -0700 -@@ -283,7 +283,8 @@ - # OpenLDAP SSL mechanism - # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 - #ssl start_tls --#ssl on -+###ssl on -+# Gentoo note: Don't use 'ssl on' in 249/250. They are broken in some cases! Use start_tls instead. - - # OpenLDAP SSL options - # Require and verify server certificate (yes/no) -@@ -315,3 +316,27 @@ - # Override the default Kerberos ticket cache location. - #krb5_ccname FILE:/etc/.ldapcache - -+# Timeout behavior -+# Upstream nss_ldap hard-codes these values: -+#nss_reconnect_tries 5 # number of times to double the sleep time -+#nss_reconnect_sleeptime 4 # initial sleep value -+#nss_reconnect_maxsleeptime 64 # max sleep value to cap at -+#nss_reconnect_maxconntries 2 # how many tries before sleeping -+# This leads to a delay of 124 seconds (4+8+16+32+64=124) per lookup if the -+# server is not available. -+ -+# For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values -+# (The hardwired constants in the code are changed to them as well): -+nss_reconnect_tries 4 # number of times to double the sleep time -+nss_reconnect_sleeptime 1 # initial sleep value -+nss_reconnect_maxsleeptime 16 # max sleep value to cap at -+nss_reconnect_maxconntries 2 # how many tries before sleeping -+# This leads to a delay of 15 seconds (1+2+4+8=15) -+ -+# If you are impatient, and know your LDAP server is reliable, fast or local, -+# you may wish to use these values instead: -+#nss_reconnect_tries 1 # number of times to double the sleep time -+#nss_reconnect_sleeptime 1 # initial sleep value -+#nss_reconnect_maxsleeptime 1 # max sleep value to cap at -+#nss_reconnect_maxconntries 3 # how many tries before sleeping -+# This leads to a delay of 1 second. diff --git a/sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch b/sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch deleted file mode 100644 index 68809bcf1b1b..000000000000 --- a/sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch +++ /dev/null @@ -1,226 +0,0 @@ -diff -c -r nss_ldap-250/ChangeLog nss_ldap-250.1/ChangeLog -*** nss_ldap-250/ChangeLog Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/ChangeLog Wed Aug 16 16:58:57 2006 -*************** -*** 1,6 **** ---- 1,13 ---- - $Id$ - =============================================================== - -+ 250.1 Paul B. Henson -+ -+ * add nss_getgrent_skipmembers parameter to ldap.conf, -+ if enabled will not request member attributes for -+ group lookups, greatly increasing performance in the -+ face of large groups -+ - 250 Luke Howard - - * don't use static _nss_ldap_no_members buffer, -diff -c -r nss_ldap-250/ldap-nss.c nss_ldap-250.1/ldap-nss.c -*** nss_ldap-250/ldap-nss.c Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/ldap-nss.c Wed Aug 16 16:51:49 2006 -*************** -*** 1258,1264 **** - - cfg = __config; - -! _nss_ldap_init_attributes (cfg->ldc_attrtab); - _nss_ldap_init_filters (); - - #ifdef HAVE_LDAP_SET_OPTION ---- 1258,1264 ---- - - cfg = __config; - -! _nss_ldap_init_attributes (cfg->ldc_attrtab, cfg->ldc_getgrent_skipmembers); - _nss_ldap_init_filters (); - - #ifdef HAVE_LDAP_SET_OPTION -diff -c -r nss_ldap-250/ldap-nss.h nss_ldap-250.1/ldap-nss.h -*** nss_ldap-250/ldap-nss.h Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/ldap-nss.h Wed Aug 16 16:51:59 2006 -*************** -*** 390,395 **** ---- 390,396 ---- - time_t ldc_mtime; - - char **ldc_initgroups_ignoreusers; -+ int ldc_getgrent_skipmembers; - }; - - typedef struct ldap_config ldap_config_t; -diff -c -r nss_ldap-250/ldap-schema.c nss_ldap-250.1/ldap-schema.c -*** nss_ldap-250/ldap-schema.c Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/ldap-schema.c Wed Aug 16 16:54:52 2006 -*************** -*** 273,279 **** - - static void init_pwd_attributes (const char ***pwd_attrs); - static void init_sp_attributes (const char ***sp_attrs); -! static void init_grp_attributes (const char ***grp_attrs); - static void init_hosts_attributes (const char ***hosts_attrs); - static void init_services_attributes (const char ***services_attrs); - static void init_network_attributes (const char ***network_attrs); ---- 273,279 ---- - - static void init_pwd_attributes (const char ***pwd_attrs); - static void init_sp_attributes (const char ***sp_attrs); -! static void init_grp_attributes (const char ***grp_attrs, int ldc_getgrent_skipmembers); - static void init_hosts_attributes (const char ***hosts_attrs); - static void init_services_attributes (const char ***services_attrs); - static void init_network_attributes (const char ***network_attrs); -*************** -*** 289,299 **** - * attribute table initialization routines - */ - void -! _nss_ldap_init_attributes (const char ***attrtab) - { - init_pwd_attributes (&attrtab[LM_PASSWD]); - init_sp_attributes (&attrtab[LM_SHADOW]); -! init_grp_attributes (&attrtab[LM_GROUP]); - init_hosts_attributes (&attrtab[LM_HOSTS]); - init_services_attributes (&attrtab[LM_SERVICES]); - init_network_attributes (&attrtab[LM_NETWORKS]); ---- 289,299 ---- - * attribute table initialization routines - */ - void -! _nss_ldap_init_attributes (const char ***attrtab, int ldc_getgrent_skipmembers) - { - init_pwd_attributes (&attrtab[LM_PASSWD]); - init_sp_attributes (&attrtab[LM_SHADOW]); -! init_grp_attributes (&attrtab[LM_GROUP], ldc_getgrent_skipmembers); - init_hosts_attributes (&attrtab[LM_HOSTS]); - init_services_attributes (&attrtab[LM_SERVICES]); - init_network_attributes (&attrtab[LM_NETWORKS]); -*************** -*** 357,363 **** - } - - static void -! init_grp_attributes (const char ***grp_attrs) - { - int i = 0; - static const char *__grp_attrs[ATTRTAB_SIZE + 1]; ---- 357,363 ---- - } - - static void -! init_grp_attributes (const char ***grp_attrs, int ldc_getgrent_skipmembers) - { - int i = 0; - static const char *__grp_attrs[ATTRTAB_SIZE + 1]; -*************** -*** 366,374 **** - - (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, cn); - (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, userPassword); -! (*grp_attrs)[i++] = (char *) AT (memberUid); -! if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS)) -! (*grp_attrs)[i++] = (char *) AT (uniqueMember); - (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, gidNumber); - (*grp_attrs)[i] = NULL; - } ---- 366,377 ---- - - (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, cn); - (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, userPassword); -! if (!ldc_getgrent_skipmembers) -! { -! (*grp_attrs)[i++] = (char *) AT (memberUid); -! if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS)) -! (*grp_attrs)[i++] = (char *) AT (uniqueMember); -! } - (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, gidNumber); - (*grp_attrs)[i] = NULL; - } -diff -c -r nss_ldap-250/ldap-schema.h nss_ldap-250.1/ldap-schema.h -*** nss_ldap-250/ldap-schema.h Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/ldap-schema.h Wed Aug 16 16:54:07 2006 -*************** -*** 30,36 **** - * function to initialize global lookup filters. - */ - void _nss_ldap_init_filters (); -! void _nss_ldap_init_attributes (const char ***attrtab); - - /** - * make filters formerly declared in ldap-*.h globally available. ---- 30,36 ---- - * function to initialize global lookup filters. - */ - void _nss_ldap_init_filters (); -! void _nss_ldap_init_attributes (const char ***attrtab, int ldc_getgrent_skipmembers); - - /** - * make filters formerly declared in ldap-*.h globally available. -diff -c -r nss_ldap-250/nss_ldap.5 nss_ldap-250.1/nss_ldap.5 -*** nss_ldap-250/nss_ldap.5 Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/nss_ldap.5 Wed Aug 16 17:07:19 2006 -*************** -*** 445,450 **** ---- 445,458 ---- - to return NSS_STATUS_NOTFOUND if called with a listed users as - its argument. - .TP -+ .B nss_getgrent_skipmembers -+ Specifies whether or not to populate the members list in -+ the group structure for group lookups. If very large groups -+ are present, enabling this option will greatly increase -+ perforance, at the cost of some lost functionality. You should -+ verify no local applications rely on this information before -+ enabling this on a production system. -+ .TP - .B nss_srv_domain - This option determines the DNS domain used for performing SRV - lookups. -diff -c -r nss_ldap-250/util.c nss_ldap-250.1/util.c -*** nss_ldap-250/util.c Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/util.c Wed Aug 16 16:52:55 2006 -*************** -*** 660,665 **** ---- 660,666 ---- - result->ldc_reconnect_maxsleeptime = LDAP_NSS_MAXSLEEPTIME; - result->ldc_reconnect_maxconntries = LDAP_NSS_MAXCONNTRIES; - result->ldc_initgroups_ignoreusers = NULL; -+ result->ldc_getgrent_skipmembers = 0; - - for (i = 0; i <= LM_NONE; i++) - { -*************** -*** 1137,1142 **** ---- 1138,1156 ---- - break; - } - } -+ else if (!strcasecmp (k, NSS_LDAP_KEY_GETGRENT_SKIPMEMBERS)) -+ { -+ if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") -+ || !strcasecmp (v, "true")) -+ { -+ result->ldc_getgrent_skipmembers = 1; -+ } -+ else if (!strcasecmp (v, "off") || !strcasecmp (v, "no") -+ || !strcasecmp (v, "false")) -+ { -+ result->ldc_getgrent_skipmembers = 0; -+ } -+ } - else if (!strcasecmp (k, NSS_LDAP_KEY_CONNECT_POLICY)) - { - if (!strcasecmp (v, "oneshot")) -diff -c -r nss_ldap-250/util.h nss_ldap-250.1/util.h -*** nss_ldap-250/util.h Wed Apr 26 18:19:00 2006 ---- nss_ldap-250.1/util.h Wed Aug 16 16:49:52 2006 -*************** -*** 83,88 **** ---- 83,89 ---- - #define NSS_LDAP_KEY_PAGESIZE "pagesize" - #define NSS_LDAP_KEY_INITGROUPS "nss_initgroups" - #define NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS "nss_initgroups_ignoreusers" -+ #define NSS_LDAP_KEY_GETGRENT_SKIPMEMBERS "nss_getgrent_skipmembers" - - /* more reconnect policy fine-tuning */ - #define NSS_LDAP_KEY_RECONNECT_TRIES "nss_reconnect_tries" diff --git a/sys-auth/nss_ldap/nss_ldap-258.ebuild b/sys-auth/nss_ldap/nss_ldap-258.ebuild deleted file mode 100644 index 18dbf9fd7de4..000000000000 --- a/sys-auth/nss_ldap/nss_ldap-258.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -inherit fixheadtails eutils multilib autotools - -IUSE="debug sasl kerberos" - -DESCRIPTION="NSS LDAP Module" -HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" -SRC_URI="http://www.padl.com/download/${P}.tar.gz" - -SLOT="0" -LICENSE="LGPL-2" -KEYWORDS="alpha amd64 hppa ~ia64 ~mips ppc ppc64 sparc x86" - -DEPEND=">=net-nds/openldap-2.1.30-r5 - sasl? ( dev-libs/cyrus-sasl ) - kerberos? ( virtual/krb5 )" -RDEPEND="${DEPEND} - !>"${D}"/etc/ldap.conf - echo >>"${D}"/etc/ldap.conf - sed -i "${D}"/etc/ldap.conf \ - -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' \ - || die "failed to sed /etc/ldap.conf" - - dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ - CVSVersionInfo.txt README nsswitch.ldap certutil - docinto docs; dodoc doc/* - -} - -pkg_postinst() { - elog "If you use a ldaps:// string in the 'uri' setting of" - elog "your /etc/ldap.conf, you must set 'ssl on'!" -} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r2.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r2.ebuild deleted file mode 100644 index a44456c8aac5..000000000000 --- a/sys-auth/nss_ldap/nss_ldap-265-r2.ebuild +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -inherit fixheadtails eutils multilib autotools prefix - -IUSE="debug ssl sasl kerberos" - -DESCRIPTION="NSS LDAP Module" -HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" -SRC_URI="http://www.padl.com/download/${P}.tar.gz" - -SLOT="0" -LICENSE="LGPL-2" -KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 sparc x86 ~amd64-linux" - -DEPEND=">=net-nds/openldap-2.1.30-r5 - sasl? ( dev-libs/cyrus-sasl ) - kerberos? ( virtual/krb5 ) - ssl? ( dev-libs/openssl:0 )" -RDEPEND="${DEPEND} - !>"${ED}"/etc/ldap.conf - echo >>"${ED}"/etc/ldap.conf - sed -i "${ED}"/etc/ldap.conf \ - -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' - - dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ - CVSVersionInfo.txt README nsswitch.ldap certutil - docinto docs; dodoc doc/* -} - -pkg_postinst() { - elog "If you use a ldaps:// string in the 'uri' setting of" - elog "your /etc/ldap.conf, you must set 'ssl on'!" -} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r4.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r4.ebuild deleted file mode 100644 index 598a8cb53f3e..000000000000 --- a/sys-auth/nss_ldap/nss_ldap-265-r4.ebuild +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -inherit fixheadtails eutils multilib autotools prefix - -IUSE="debug ssl sasl kerberos" - -DESCRIPTION="NSS LDAP Module" -HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" -SRC_URI="http://www.padl.com/download/${P}.tar.gz" - -SLOT="0" -LICENSE="LGPL-2" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux" - -DEPEND=">=net-nds/openldap-2.1.30-r5 - sasl? ( dev-libs/cyrus-sasl ) - kerberos? ( virtual/krb5 ) - ssl? ( dev-libs/openssl:0 )" -RDEPEND="${DEPEND} - !> ${S}/config.h - echo "#define HAVE_NET_ROUTE_H 1" >> ${S}/config.h - echo "#define HAVE_RESOLV_H 1" >> ${S}/config.h - fi -} - -src_install() { - dodir /$(get_libdir) - - if use kernel_FreeBSD; then - emake -j1 DESTDIR="${D}" install || die "make install failed" - else - emake -j1 DESTDIR="${D}" install \ - INST_UID=${PORTAGE_USER:-root} INST_GID=${PORTAGE_GROUP:-root} - fi - - insinto /etc - doins ldap.conf - - # Append two blank lines and some skip entries - echo >>"${ED}"/etc/ldap.conf - echo >>"${ED}"/etc/ldap.conf - sed -i "${ED}"/etc/ldap.conf \ - -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' - - dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ - CVSVersionInfo.txt README nsswitch.ldap certutil - docinto docs; dodoc doc/* -} - -pkg_postinst() { - elog "If you use a ldaps:// string in the 'uri' setting of" - elog "your /etc/ldap.conf, you must set 'ssl on'!" -} diff --git a/sys-auth/nss_ldap/nss_ldap-265.ebuild b/sys-auth/nss_ldap/nss_ldap-265.ebuild deleted file mode 100644 index 5321586830a4..000000000000 --- a/sys-auth/nss_ldap/nss_ldap-265.ebuild +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=2 -inherit fixheadtails eutils multilib autotools - -IUSE="debug ssl sasl kerberos" - -DESCRIPTION="NSS LDAP Module" -HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" -SRC_URI="http://www.padl.com/download/${P}.tar.gz" - -SLOT="0" -LICENSE="LGPL-2" -KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" - -DEPEND=">=net-nds/openldap-2.1.30-r5 - sasl? ( dev-libs/cyrus-sasl ) - kerberos? ( virtual/krb5 ) - ssl? ( dev-libs/openssl )" -RDEPEND="${DEPEND} - !